<?php
// +----------------------------------------------------------------------
// | NXCMS - 一个免费的多语言外贸企业网站系统
// +----------------------------------------------------------------------
// | Copyright (c) 2016 http://www.nxcms.cn All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Version: v1.0.0
// +----------------------------------------------------------------------

/** +----------------------------------------------------------------------
 * | 后台管理员登录功能
 * | 
// +----------------------------------------------------------------------
// | Author: Hippo <nxcms.cn@gmail.com>
// +----------------------------------------------------------------------
// | Version: v1.0.0
// +----------------------------------------------------------------------
*/

class LoginController extends Controller{
	
	
	/**
	 * 管理员登录处理
	 * 
	 *
	 */
	public function indexAction(){
		$username = $errorMsg = '';
		if(IS_POST){
			$username = isset($_POST['username'])? trim($_POST['username']): '';
			$password = isset($_POST['password'])? trim($_POST['password']): '';
			if($username == ''){
				$errorMsg = '用户名不能为空！';
			}elseif($password == ''){
				$errorMsg = '密码不能为空！';
			}else{
				$model = new Model();				
				$row = $model->get('admin', "*", ['username'=> $username]);
				if($row){
					$passwd = md5(md5($password.$row['salt']));
					if($passwd == $row['password']){
						// 登录成功

						$_SESSION['admin'] = $row;

						header('Location:index.php');
					}else{
						// 密码错误
						$errorMsg = '密码错误！';
					}
				}else{
					$errorMsg = '用户名不存在！';
				}
			}
			
		}
		$this->assign('username', $username);	
		$this->assign('errorMsg', $errorMsg);		
		$this->display('login.html');
	}
	
}